﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;

namespace WebApp1.Models
{
    public class SecurityCheckManager
    {
        public static bool IsAdminPortalEabled()
        {
            bool isAdminPortal = Convert.ToBoolean(System.Configuration.ConfigurationManager.AppSettings.Get("IsAdminPortal"));


            return isAdminPortal;

         
        }
    }

    public class AdminAuthorizeAttribute : AuthorizeAttribute
    {
        public AdminAuthorizeAttribute()
        {
            if (SecurityCheckManager.IsAdminPortalEabled() == false)
            {
                HttpContext httpContext = HttpContext.Current;

                httpContext.Response.StatusCode = 403;
                httpContext.Response.StatusDescription = "This can be accessed by only admin.";
                httpContext.Response.Flush();
                httpContext.Response.End();
            }
        }

        protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            if (SecurityCheckManager.IsAdminPortalEabled() == false)
            {
                httpContext.Response.StatusCode=403;
                httpContext.Response.StatusDescription = "This can be accessed by only admin.";
                httpContext.Response.Flush();
                httpContext.Response.End();
            }
            return true;
        }
    }
}